CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

WP DeskLite - Reflected XSS

WP DeskLite WordPress plugin through 1.0.0 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires crafted request. id: CVE-2024-12724 info: name: WP DeskLite - Reflected XSS...

6.1CVSS5.5AI score0.00252EPSS

Exploits1References2

NVD•added 2025/05/15 8:15 p.m.•3 views

CVE-2024-12724

The WP DeskLite WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS0.00252EPSS

Exploits1References1

CVE•added 2025/05/15 8:6 p.m.•26 views

CVE-2024-12724

WP DeskLite WordPress plugin up to version 1.0.0 is affected by a reflected XSS due to unsanitized/unescaped parameters echoed back in pages. This can enable script execution in admin users’ browsers when a crafted request is sent. Affected: WP DeskLite 1.0.0 and earlier. Root cause: parameter ou...

6.1CVSS6.1AI score0.00252EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/05/15 8:6 p.m.•8 views

CVE-2024-12724 WP DeskLite <= 1.0.0 - Reflected XSS

0.00252EPSS

Exploits1References1

Positive Technologies•added 2025/05/15 12:0 a.m.•2 views

PT-2025-21432

Name of the Vulnerable Software and Affected Versions: WP DeskLite WordPress plugin versions 1.0.0 and earlier Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page...

6.1CVSS5.4AI score0.00252EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by